From: Me Now on 10 May 2007 09:41
Maybe a little off topic as Wireshark is available in several flavours.
I have captured traffic from our corporate LAN for about a week and now
I have a sizeable collection of 20MB capture files.
Are there any tools available for Linux that will parse the information
in the capture files and extract information based on particular
criteria? I know I can filter the traffic within Wireshark but that is
impractical for my immediate requirements.
A couple of examples:
1. Identify all traffic on port 8080 to a specific IP address and create
a single list of GET requests using all the capture files.
2. Identify all SMTP traffic and write each captured email to a separate
I appreciate the examples are very different but it gives you an idea of
the scope of requirements I have!
Any help would be greatly appreciated,
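
Added example, not part of the original post: one way to handle the first request above (GET requests on port 8080 to one IP address, combined across all capture files) using only the Python standard library. It assumes classic libpcap files (not pcapng), untagged Ethernet/IPv4 frames, and a request line that begins a TCP segment (no stream reassembly); the function names and the 10.0.0.x sample addresses are made up for this sketch.

```python
import socket, struct, sys

def get_requests(pcap, dst_ip, dst_port=8080):
    """Return GET request lines sent to dst_ip:dst_port in one classic pcap file (bytes)."""
    endian = {b"\xd4\xc3\xb2\xa1": "<", b"\xa1\xb2\xc3\xd4": ">"}.get(pcap[:4])
    if endian is None or struct.unpack(endian + "I", pcap[20:24])[0] != 1:
        raise ValueError("expected a classic pcap file with Ethernet link type")
    want_ip, hits, off = socket.inet_aton(dst_ip), [], 24
    while off + 16 <= len(pcap):
        incl_len = struct.unpack(endian + "I", pcap[off + 8:off + 12])[0]
        frame = pcap[off + 16:off + 16 + incl_len]
        off += 16 + incl_len
        if len(frame) < 54 or frame[12:14] != b"\x08\x00":  # untagged IPv4 only
            continue
        ihl = (frame[14] & 0x0F) * 4
        ip_end = 14 + struct.unpack("!H", frame[16:18])[0]  # drops Ethernet padding
        if frame[23] != 6 or frame[30:34] != want_ip:       # TCP to the wanted host
            continue
        tcp = frame[14 + ihl:ip_end]
        if len(tcp) < 20 or struct.unpack("!H", tcp[2:4])[0] != dst_port:
            continue
        payload = tcp[(tcp[12] >> 4) * 4:]
        if payload.startswith(b"GET "):                     # first segment of a request
            hits.append(payload.split(b"\r\n", 1)[0].decode("latin-1"))
    return hits

def get_requests_from_files(paths, dst_ip, dst_port=8080):
    """One combined list across all capture files, in sorted file-name order."""
    hits = []
    for path in sorted(paths):
        with open(path, "rb") as fh:
            hits += get_requests(fh.read(), dst_ip, dst_port)
    return hits

def sample_pcap():
    """Constructed capture: GETs from 10.0.0.9 to 10.0.0.5 on ports 8080 and 80."""
    def rec(dport, data):
        tcp = struct.pack("!HHIIBBHHH", 40000, dport, 0, 0, 0x50, 0x18, 8192, 0, 0) + data
        ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp), 0, 0, 64, 6, 0,
                         socket.inet_aton("10.0.0.9"), socket.inet_aton("10.0.0.5"))
        eth = b"\x02" * 6 + b"\x04" * 6 + b"\x08\x00" + ip + tcp
        return struct.pack("<IIII", 0, 0, len(eth), len(eth)) + eth
    head = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    return (head + rec(8080, b"GET /index.html HTTP/1.1\r\nHost: proxy\r\n\r\n")
            + rec(80, b"GET /other HTTP/1.1\r\n\r\n"))

if __name__ == "__main__":  # usage: script.py DST_IP file1.pcap file2.pcap ...
    print("\n".join(get_requests_from_files(sys.argv[2:], sys.argv[1])))
```

Requests split across TCP segments, or carried in VLAN-tagged or IPv6 frames, are skipped by this sketch rather than reassembled.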